Security Advisory

CVE-2024-39589

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-09-18 14:35:54

Last updated 2025-11-04 16:12:27

Assigner talos

State PUBLISHED

Description

Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet/IP request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger these vulnerabilities.This instance of the vulnerability occurs within the `Protected_Logical_Read_Reply` function

← Browse all CVEs View on cve.org ↗